Lucene search
K

61 matches found

OSV
OSV
added 2023/10/26 7:15 p.m.3 views

CVE-2023-31416

Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment...

5.3CVSS5.8AI score0.00364EPSS
Exploits0References2
NVD
NVD
added 2023/10/26 7:15 p.m.21 views

CVE-2023-31416

Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment...

5.3CVSS5.2AI score0.00364EPSS
Exploits0References2
Prion
Prion
added 2023/10/26 7:15 p.m.24 views

Code injection

Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment...

5CVSS5.3AI score0.00364EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/10/26 6:46 p.m.17 views

CVE-2023-31416 Elastic Cloud on Kubernetes (ECK) secret token configuration issue

Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment...

5.3CVSS6.9AI score0.00364EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/26 6:46 p.m.27 views

CVE-2023-31416 Elastic Cloud on Kubernetes (ECK) secret token configuration issue

Secret token configuration is never applied when using ECK =8.0. This could lead to anonymous requests to an APM Server being accepted and the data ingested into this APM deployment...

5.3CVSS5.5AI score0.00364EPSS
Exploits0References2
CVE
CVE
added 2023/10/26 6:46 p.m.73 views

CVE-2023-31416

The CVE-2023-31416 issue affects Elastic Cloud on Kubernetes (ECK) before 2.8 when used with APM Server 8.0 or later. The root cause is that the secret token configuration is not applied, which could allow anonymous requests to be accepted and lead to data ingestion into the APM deployment. Affec...

5.3CVSS5.2AI score0.00364EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/10/26 4:15 a.m.27 views

CVE-2023-31421

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the client is configured to...

7.5CVSS6.6AI score0.0027EPSS
Exploits0References2
CVE
CVE
added 2023/10/26 3:10 a.m.75 views

CVE-2023-31421

CVE-2023-31421 affects Beats, Elastic Agent, APM Server, and Fleet Server when acting as TLS clients: if configured to connect to an IP address, the client does not validate the server certificate’s IP SAN against that IP, though certificate signature validation runs. This can allow a connection ...

7.5CVSS6.6AI score0.0027EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/26 3:10 a.m.32 views

CVE-2023-31421 Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue

It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still performed. More specifically, when the client is configured to...

5.9CVSS7.7AI score0.0027EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/26 12:0 a.m.5 views

Elasticsearch Security Vulnerabilities

Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch that stems from the fact that Beats, Elastic Agent, APM Server, Fleet Server, when used as a TLS client, does not verify that the server certificate is valid for the target IP address...

7.5CVSS6.8AI score0.0027EPSS
Exploits0References3
Elastic
Elastic
added 2023/09/19 3:32 p.m.8 views

Beats, Elastic Agent, APM Server, and Fleet Server 8.10.1 Security Update - Improper Certificate Validation issue (ESA-2023-16)

Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue ESA-2023-16 It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however,...

7.5CVSS6.9AI score0.0027EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/13 8:2 a.m.44 views

Security Bulletin: Multiple vulnerabilities in libthrift affect IBM Application Performance Management products

Summary libthrift jar is used by IBM Application Performance Management. Vulnerability Details CVEID:CVE-2018-1320 DESCRIPTION: Apache Thrift could allow a remote attacker to bypass security restrictions, caused by the disablement of an assert used to determine if the SASL handshake had...

7.8CVSS7.5AI score0.09082EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/05/18 6:34 p.m.33 views

GO-2022-0706 Information disclosure in go.elastic.co/apm

Sensitive HTTP headers may not be properly sanitized before being sent to the APM server if the program panics...

2.7CVSS3.9AI score0.00521EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Database
added 2021/05/18 12:0 a.m.48 views

Insertion of Sensitive Information into Log File

The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application panic it...

2.7CVSS0.4AI score0.00521EPSS
Exploits0References4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/26 5:14 p.m.21 views

Security Bulletin: Multiple vulnerabilities affect the IBM Performance Management product

Summary Multiple vulnerabilities affect the IBM Performance Management product. Vulnerability Details CVEID: CVE-2020-4726 DESCRIPTION: The IBM Application Performance Monitoring UI allows web pages to be stored locally which can be read by another user on the system. CVSS Base score: 4 CVSS...

6.1CVSS0.5AI score0.00832EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2019/12/13 9:28 p.m.297 views

Dsiem - Security Event Correlation Engine For ELK Stack

Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and...

6.8AI score
Exploits0References7
Elastic
Elastic
added 2019/12/02 4:39 p.m.7 views

Elastic Stack 7.5.0 security update

Metricbeat and Filebeat DSA public key panic ESA-2019-15 A denial of service flaw when parsing malformed DSA public keys was discovered in Go, the language used to implement Beats. If Metricbeat or Filebeat are configured to accept incoming TLS connections with client authentication enabled, a...

7.5CVSS9.6AI score0.04693EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 5:19 p.m.36 views

Security Bulletin: IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim (CVE-2019-4086)

Summary IBM Application Performance Management could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attac...

6.1CVSS1.9AI score0.01194EPSS
Exploits0Affected Software1
Veracode
Veracode
added 2019/07/31 4:33 a.m.25 views

Man-in-the-Middle (MitM)

elastic-apm is vulnerable to man-in-the-middle MitM attacks. When specifying a trusted server CA certificate via the servercacert setting, a TLS certificate validation error causes improper verification of the certificate returned by the APM server. This allows an attacker to perform...

7.4CVSS3.8AI score0.00644EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/07/30 9:15 p.m.26 views

CVE-2019-7615

A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...

7.3AI score0.00644EPSS
Exploits0References1
Rows per page
Query Builder